I have a master server generating large files for other (known) servers to download.
- Are quite big. From 20MB to 5GB.
- Are written once by the server and then it forgets about them.
- Nobody should be able to read the content of the file except the server it has been generated for.
- Will be downloaded over HTTPS using a library such as RequestJS
Based on this knowledge, I planned to generate an RSA key pair for each server, store the public key in the database of the master server along with the servers’ specific data (like unique identifier) and only keep the private key on the server it belongs to.
I thought I would just have to encrypt the whole 5GB file using the server’s public key and only it would be able to decrypt it.
However, after looking around on the internet, I noticed that it’s an extremely bad idea to encrypt big things using RSA. It’s not meant for this purpose at all.
I also heard a lot about AES and decided to take a look at the way the TLS works and noticed it uses RSA encryption for the symmetric AES keys.
Now, I’m thinking that I should encrypt my files using AES with a randomly generated key per file but I need to transmit the key to the server.
My idea is the following:
- Generate a random 256 bits key per generated file.
- Use this key to encrypt the whole file.
- Use the public key of the target server to encrypt this key.
- Prepend the encrypted key to the file so that it’s a whole package.
- Sign the whole thing with the master private key (but I haven’t thought about that yet so I’m open to suggestions regarding the algorithm)
And, on the reception side, the server would just read the first 256 bits, decrypt with its private key and use the decrypted payload as a key to decrypt the file itself.
Since I have no deep knowledge of security, I would like to be sure that it a good idea. I see no real downside but I may not know what I’m talking about enough to judge that.
At first I thought HTTPS would be sufficient but I don’t want anyone to be able to get the file so I still need more encryption than the connection itself.
Moreover, I wouldn’t want a “slave” server to be able to decrypt the content of another. And I should be able to revoke a server by changing its key pair.
I have a sheet that I need to only be 5 columns. I use this as a teaching calendar. Sometimes I need to add a cell in the middle if there is an activity that will add an extra day into my calendar (or what I planned for one day, actually takes two days). However, adding a cell only pushes the row to the right and adds a new column.
Instead, I need it to keep to only 5 columns and instead move the cells to the beginning of the next row instead.
Is this possible?
Do not Reset the current position of migration to start from the beginning
In the Destination database, the data migration tool will truncate the table but we need the data that exist in the destination database.
Is there anyways run the data migration tool without touch previous data in the destination database.
i use a underscore at the beginning of files and folder to mark them a something “special”, this sorting doesn’t work for the most programs under linux. i tried ‘LC_COLLATE=C ls’ and other locales but the results are something strange. lets say i have this folders:
2 A _F G K S x4
this is the sort order of ‘ls’. when i use ‘LC_COLLATE ls’ i have this
2 A G K S _F x4
I have this under xubuntu 18.04 using the xfce-terminal-emulator on 2 machines.
what is wrong here?
Although alittle later than most, I am determined that I would like to greatly expand my understanding of development. With this, I recently purchased a development bundle to help kick-start my journey. There is such a wealth of information available that I am not so concerned with finding reference materials, but rather my question pertains to which topics/programming languages/etc. are perhaps considered easier for a beginner…
**Can anyone kindly advise which of the below, or perhaps suggest another topic, to kick-off a self-paced development study? (I know formal training and education is normally recommended/required, but I just trying to expand my personal understanding and not actually trying to move into a new career – we shall see…)
Below are the topics which I have placed into my “foundational” bucket… (My end-game is to be able to actually use the Mac development tools).